'Soft' way to restart iptables?


Fluxism
08-18-2004, 05:11 AM
Just a quick question regarding iptables. Whenever I define a new rule in iptables, and then restart it, 95 times out of 100 it'll lead to some eggdrops I have idling on IRC quitting with a ping timeout.

What I'd like to know is how to restart iptables in a soft manner so as not to cause the eggs to ping out. There must be a way, or a little trick to use? A way to restart or start/stop iptables in such a manner as not to affect the eggs?

Any ideas would be welcome :)

Thanks.

sasKuatch
08-19-2004, 09:14 PM
I don't know anything about IRC or even what egg you're talking about, but you can clear any iptables setting by typing 'iptables -F' to flush all the rules. I use that when experimenting with it. When my X11 used to lock up from me playing with port 6000 and above, I'd just type that at a console to get it back.

chenry3
08-27-2004, 02:34 PM
Fluxism -

You don't need to restart iptables after defining a rule - it works on the fly. However, if you do want to flush and re-establish all your rules, I do this by using a script that executes everything all at once. When I run my script it first flushes (iptables -F;iptables -t nat -F... etc) and then defines all my rules in order - I've never been disconnected when I run it like that. However, your best solution is just to not restart iptables... if you do something like iptables -A INPUT -p tcp --dport 22 -j ACCEPT - it will start accepting ssh connections as soon as you enter the command - no need to restart.

-Chris
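
A reload script in the spirit of the one chenry3 describes, as an added example that is not code from the thread. It swaps in iptables-restore for the individual iptables commands so the filter table is replaced in one commit, and it puts an ESTABLISHED,RELATED accept rule first so already-tracked connections keep passing. The function names, the DROP policy and the sample ports 22 and 113 are assumptions.

```shell
#!/bin/sh
# Added example: rebuild the filter table and load it in one commit.
# Ports, policies and function names are constructed for illustration.

# Reject anything that is not a TCP port number before rules are emitted.
validate_ports() {
    for port in $1; do
        case "$port" in
            *[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $port" >&2
            return 1
        fi
    done
}

# Print a complete filter table in iptables-restore format.
# $1 = space-separated inbound TCP ports to accept.
build_ruleset() {
    validate_ports "$1" || return 1
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # First rule: replies on existing connections are accepted before
    # any per-port rule is consulted.
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    echo '-A INPUT -i lo -j ACCEPT'
    for port in $1; do
        echo "-A INPUT -p tcp --dport $port -j ACCEPT"
    done
    echo 'COMMIT'
}

# Parse-check first; a rejected ruleset leaves the live rules untouched.
apply_ruleset() {
    rules=$(build_ruleset "$1") || return 1
    printf '%s\n' "$rules" | iptables-restore --test || return 1
    printf '%s\n' "$rules" | iptables-restore
}

# "show" prints the ruleset; "apply" loads it (needs root).
case "${1:-}" in
    show)  build_ruleset "22 113" ;;
    apply) apply_ruleset "22 113" ;;
esac
```

Run it with `show` to inspect the generated ruleset before using `apply`.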